In 2009, I became extremely concerned with the concept of Unique Identity for various reasons. Connected with many like minded highly educated people who were all concerned.
On 18th May 2010, I started this Blog to capture anything and everything I came across on the topic. This blog with its million hits is a testament to my concerns about loss of privacy and fear of the ID being misused and possible Criminal activities it could lead to.
In 2017 the Supreme Court of India gave its verdict after one of the longest hearings on any issue. I did my bit and appealed to the Supreme Court Judges too through an On Line Petition.
In 2019 the Aadhaar Legislation has been revised and passed by the two houses of the Parliament of India making it Legal. I am no Legal Eagle so my Opinion carries no weight except with people opposed to the very concept.
In 2019, this Blog now just captures on a Daily Basis list of Articles Published on anything to do with Aadhaar as obtained from Daily Google Searches and nothing more. Cannot burn the midnight candle any longer.
"In Matters of Conscience, the Law of Majority has no place"- Mahatma Gandhi
Ram Krishnaswamy
Sydney, Australia.

Aadhaar

The UIDAI has taken two successive governments in India and the entire world for a ride. It identifies nothing. It is not unique. The entire UID data has never been verified and audited. The UID cannot be used for governance, financial databases or anything. It’s use is the biggest threat to national security since independence. – Anupam Saraph 2018

When I opposed Aadhaar in 2010 , I was called a BJP stooge. In 2016 I am still opposing Aadhaar for the same reasons and I am told I am a Congress die hard. No one wants to see why I oppose Aadhaar as it is too difficult. Plus Aadhaar is FREE so why not get one ? Ram Krishnaswamy

First they ignore you, then they laugh at you, then they fight you, then you win.-Mahatma Gandhi

In matters of conscience, the law of the majority has no place.Mahatma Gandhi

“The invasion of privacy is of no consequence because privacy is not a fundamental right and has no meaning under Article 21. The right to privacy is not a guaranteed under the constitution, because privacy is not a fundamental right.” Article 21 of the Indian constitution refers to the right to life and liberty -Attorney General Mukul Rohatgi

“There is merit in the complaints. You are unwittingly allowing snooping, harassment and commercial exploitation. The information about an individual obtained by the UIDAI while issuing an Aadhaar card shall not be used for any other purpose, save as above, except as may be directed by a court for the purpose of criminal investigation.”-A three judge bench headed by Justice J Chelameswar said in an interim order.

Legal scholar Usha Ramanathan describes UID as an inverse of sunshine laws like the Right to Information. While the RTI makes the state transparent to the citizen, the UID does the inverse: it makes the citizen transparent to the state, she says.

Good idea gone bad
I have written earlier that UID/Aadhaar was a poorly designed, unreliable and expensive solution to the really good idea of providing national identification for over a billion Indians. My petition contends that UID in its current form violates the right to privacy of a citizen, guaranteed under Article 21 of the Constitution. This is because sensitive biometric and demographic information of citizens are with enrolment agencies, registrars and sub-registrars who have no legal liability for any misuse of this data. This petition has opened up the larger discussion on privacy rights for Indians. The current Article 21 interpretation by the Supreme Court was done decades ago, before the advent of internet and today’s technology and all the new privacy challenges that have arisen as a consequence.

Rajeev Chandrasekhar, MP Rajya Sabha

“What is Aadhaar? There is enormous confusion. That Aadhaar will identify people who are entitled for subsidy. No. Aadhaar doesn’t determine who is eligible and who isn’t,” Jairam Ramesh

But Aadhaar has been mythologised during the previous government by its creators into some technology super force that will transform governance in a miraculous manner. I even read an article recently that compared Aadhaar to some revolution and quoted a 1930s historian, Will Durant.Rajeev Chandrasekhar, Rajya Sabha MP

“I know you will say that it is not mandatory. But, it is compulsorily mandatorily voluntary,” Jairam Ramesh, Rajya Saba April 2017.

August 24, 2017: The nine-judge Constitution Bench rules that right to privacy is “intrinsic to life and liberty”and is inherently protected under the various fundamental freedoms enshrined under Part III of the Indian Constitution

"Never doubt that a small group of thoughtful, committed citizens can change the World; indeed it's the only thing that ever has"

“Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.” -Edward Snowden

In the Supreme Court, Meenakshi Arora, one of the senior counsel in the case, compared it to living under a general, perpetual, nation-wide criminal warrant.

Had never thought of it that way, but living in the Aadhaar universe is like living in a prison. All of us are treated like criminals with barely any rights or recourse and gatekeepers have absolute power on you and your life.

Announcing the launch of the # BreakAadhaarChainscampaign, culminating with events in multiple cities on 12th Jan. This is the last opportunity to make your voice heard before the Supreme Court hearings start on 17th Jan 2018. In collaboration with @no2uidand@rozi_roti.

UIDAI's security seems to be founded on four time tested pillars of security idiocy

1) Denial

2) Issue fiats and point finger

3) Shoot messenger

4) Bury head in sand.

God Save India

Sunday, April 24, 2011

1235 - Digital Inclusion | UID can Transform Governance

Saturday, 23 April 2011
UID can Transform Governance

After a lot of discussion  and debate, the UID  project is now moving  forward. In mid-  December, the Unique Identification Authority of India (UIDAI) invited proposals from IT consulting companies for providing consultancy services to UIDAI for setting up of a Central ID Data Repository (CIDR) and selection of managed service provider (MSP). The move is aimed at appointing a consultant for designing a programme management strategy and implementing the roadmap for the UID project.

One of the key requirements of UID is to minimise/eliminate duplicate IDs and improve the efficacy of service delivery. UIDAI Director General & Mission Director Ram Sewak Sharma has of late been busy putting in place various panels to ensure the Authority meets its mandate within the timeline it has set for itself.
Inclusion caught up  with him to get an idea of how the mammoth project will roll out

The authority has floated three requests for proposal (RFPs). The first RFP focuses on selection of a data centre construction agency to design, construct, erect, and commission the CIDR facilities (physical infrastructure). Second one focuses on procurement of interim co-location facilities for the CIDR and the third RFP focuses on selection of managed service provider (MSP) to implement and manage CIDR.

The UIDAI would begin issuing unique ID numbers by February 2011, and intends to issue IDs to 600 million citizens in four years. India will be the first country to implement a biometric-based unique ID system for its residents on such a large scale. The project estimated to cost around Rs 30,000 crore will eventually cover the entire population of the country. The unique 16-digit number can be accessed and verified online from anywhere in the country.

"All the enrolling agencies will probably have to make the UID number a primary field of their databases. This will enable them to leverage the power of this number to improve their systems and processes"

The timing of this initiative coincides with the increased focus of the government on social inclusion and development through massive investments in social sector programmes, and upgrading public services delivery through e-governance programmes. As Chairman Nandan Nilekani has reiterated "I think it (UID) is a very powerful and inclusive idea. It will help the poor have better access to public services and will be a great enabler for their financial inclusion. The flagship welfare schemes of the government can be made more efficient," he said, adding that it will help strengthen national security, reducing fraud and increasing tax collection.


How do you see the universal identification (UID) programme aiding development goals of the government, especially given the identification process and the Reserve Bank of India’s Know Your Customer (KYC) norms?

This is exactly the place where UID comes in: once a bank or any other institution is enrolling a person into the UID system, it is going to verify whether he is the person who he claims to be or not.  The data standards and verification norms which the Authority is prescribing for its Know Your Resident (KYR) process are, to the extent possible, being aligned with the KYC requirements of no-frills accounts. Once that happens, then opening a no-frills account will not  require any additional authentication; the basic authentication done by UIDAI should be sufficient.

How do you see UID aiding the financial inclusion initiatives?
UIDAI provides two assurances. The first is that we will have a unique identification for everybody and  there will be no duplicates or fake IDs, which means if somebody has got an ID, he or she has to be living at the  point of time of collecting the details. So, uniqueness and existence are two basic things which we will ensure. The other thing which we will ensure, and this is a crucial to promoting financial inclusion, is the online, cost-effective real-time authentication of the identity of the person making any transaction.

Who all are the UIDs being given to?
Every resident of this country: adults, children, everybody.

This is an enormous exercise that can help banks and financial institutions know who meets the KYC norms and who does not, which in effect means that such institutions will no longer need to follow the KYC norms?
Yes. In fact, what we are saying is that the bankers themselves can be the enrolling registrars for providing the UIDs. We are not saying that the banking institutions will not need to follow the KYC Norms. What we are saying is that they can re-use the information collected by other registrars like NREGS and, if required, supplement it with any other information which they might need for their own purposes.

Wouldn’t this require a standardisation of KYC norms across agencies, across registrars?
All agencies who are going to work as our registrars have to follow a standard KYR process for enrolling into UID System. In order to develop these standards UIDAI has set up two committees. One is a nine-member Biometric Standards Committee headed by National Informatics Centre Chairman B K Gairola. This committee is going to decide as to what kind of biometrics to capture - face, all finger prints, two/four  finger prints, iris etc. 

The other committee is a 16-member Demographic Data Standards and Verification Procedure Committee, with former Central Vigilance Commissioner N Vittal as its Chairman. Demographic data standards will cover information like a person's name, his father/mother/guardian name, address, date of birth, etc. It is the task of the Vittal Committee to identify the fields of data and verification methods to ensure the veracity of such demographic data. Vittal Committee has already submitted the report and all the recommendations of the Committee have been accepted by the UIDAI. The report is available on our web-site : www.uidai.gov.in The other Committee is also expected to submit its report soon.
Such uniformity in collection of demographic data and biometric will ensure that the data of a person enrolled by NREGS can be reliably used by a Grameen Bank. Therefore, this will actually eliminate  the problem of re-verification of the same details about the same individual again and again by each agency.

Are we looking at one large data repository of all residents?
Yes. There will be one common repository with the UID called the Central ID Repository (CIDR).  UIDAI will not issue any card to the residents. However, we shall send a letter to the residents giving their UID number and they can keep that letter as a kind of card (there will be a perforated part which can be torn out - similar to what they give in US for the Social Security Number (SSN)

Thus far we have had complete consensus from all. There is no agency in the system that has not agreed to cooperate or help us in this endeavour. There is an all-round support for the project.

Don't you think that integrating data collected by different enrolling agencies using different systems will need to be assimilated using a common standard? How will the UID be embedded into various applications?
As I explained just now, every agency working as our Registrar is going to use the same method of data collection and verification for UID purposes. They can, in addition, collect data which these agencies may require for their purposes. However, there will be complete standardisation of the processes for UID enrolment purposes and this will ensure that irrespective of which route the data came from, it has gone through the same processes and therefore has the same reliability.
For leveraging the power of the UID number, various agencies will have to embed the UID number into their databases. This will enable cross linkages across systems and processes. This is of a tremendous advantage because various databases  will then be able to talk to each other; today, their systems have no cross linkages and they are unable to figure out how many times a person figures in their database? So, this will have a cleansing effect on all existing databases. The result is that enrolling agencies will be able to clean their databases and further streamline operations.

But will this not involve a major change in the mindsets?
Yes, you are right. We will have to provide some hand-holding to all enrolling agencies  to ensure standardisation and also help them in becoming UID-ready.  They will need to change their systems to leverage the power of UIDs. So, some standardisation is a basic pre-requisite of the task on hand and it cannot be avoided.

Will there be a standardisation of the identity proof that is going to be issued by different registrars and will this be some kind of a smart card?
We are not issuing any direction to our registrars with regard to cards. The registrars are free to  give anything they want to their clients/customers. Our business is quite simple. Once we have collected the basic demographic and biometric details  for which there will be a standard process, we will be able to provide Unique IDS. Further we will be putting in place  a simple and cost-effective authentication  process for verifying such identities. That itself will be a great game changer. The registrars can give a smart card or whatever they like to their clients, but it should have the UID number. We are basically performing two simple functions: giving UIDs and authenticating these IDs as and when required.

Biometric Standards will be driven by the ultimate objective of de-duplication and the obligation of delivering on the promise of uniqueness. Our standards will be open and interoperable. We are clear that we should not be tied to any particular technology.

What are the checks being put in to ensure that the UID number of person is not in use after he/she ceases to exist?
If there is a good birth and death registration system in the country, then it will enable us to put a flag on that particular UID number. Otherwise, we really have no way to figure out if a person with a given identity exists or not. And, this is where biometrics comes in. One can only use a UID number provided one has the necessary biometric identification to prove his identity. So, while a person may continue to exist in the database even after his death, he cannot make use of facilities like claiming pensions and other services, unless he/she is able to prove his/her identity. So, this whole process of dead or non-existent people drawing pensions and even salaries gets eliminated and you also get an assurance that facilities are being used by the real persons and not by the fake or dead.

Is the government looking at  prospects of specific technologies and standards that will be used?
Yes, certainly. We are looking at the question of standards.  These will be driven by the ultimate objective of de-duplication and the obligation of delivering on the promise of uniqueness. And here our standards will be as open and based on international standards (ISO, etc). In  our operations, we are clear that we should not be tied to a particular technology.

What are the challenges you see ahead?
Actually, there are a whole lot of challenges. To name just a few: One is the technological challenge itself, because nowhere in the world does a database for 1.2 billion people exists. The largest biometric database currently is in the US, which covers only about 110 million people. The UID project is 10 times that size. So, de-duplication in such a large database is a big challenge. Two, I think making systems UID compliant is another big challenge. Logistics is certainly going to be another. India is a very diverse country and you have past, present and future co-existing at the same time. Then, reaching out to the people who are unreached so far is another big challenge. There may  be some resistance from the people who are going to be affected. They will try to find shortcomings with the system, trying to create examples that the system is not going to work.

Is there any role of PRIs in this?
Yes, the verification is at the local level. Ultimately, a villager knows his fellow villagers, even a government employee will not know each person in the village. Therefore, we will have to depend heavily on the PRIs to verify  the people, probably help us in enrolments also.

The big debate sometime back was does UID mean you are a citizen of India?
The mandate of the UIDAI is to provide UID numbers to all the residents of the country.

Given the enormity of the task, what kind of organizational structure has been envisaged?
We have clarity on this issue. Structure-wise, we are dividing the country into eight regions. While the  initial idea was that we should have a UID commissioner in each state, we do not think this is required in the initial stages. For example, Pondicherry is a very small UT and Uttar Pradesh a very big state, so we should not really go state by state. We are planning to have a regional office that will cater to a population of about 150-170 million. Then, there will be one central office in Delhi and the technology centre in Bangalore.

Has a dialogue been initiated at the state level?
Our Chairman, Nandan Nilekani, has  visited  12 states so far. This apart, the UIDAI has held consultations with all the regulators, state and central departments. We have met, for example, the TRAI, the RBI, the PFRDA, IRDA, telecom department, health, education and the rural development department. We have also met all the statutory authorities, like the CIC, CVC and Election Commission.

Is getting a consensus proving to be a challenge?
I think thus far we have had full support from all and there is no agency in the system that has not agreed to cooperate or help us in this endeavour. There is absolutely no resistance. Everybody is quite excited about the project.  Personally, I look at it as a project that has the potential to transform governance in this country.